Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/NX3BnETK03SqEEaaVLGmlETbbww.roa
File:                     NX3BnETK03SqEEaaVLGmlETbbww.roa (raw, json)
Hash identifier:          bnS8AamIfD++pJTbhtN4vT2TzfQ+tG4b3nI0TpFmpTQ=
Subject key identifier:   35:7D:C1:9C:44:CA:D3:74:AA:10:46:9A:54:B1:A6:94:44:DB:6F:0C
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       018576C4B7AF37A9A2F97122EF80D3FFEBC0
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/NX3BnETK03SqEEaaVLGmlETbbww.roa
Signing time:             Tue 03 Jan 2023 08:34:41 +0000
ROA not before:           Tue 03 Jan 2023 08:34:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        88.209.201.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Jan 2023 08:52:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:76:c4:b7:af:37:a9:a2:f9:71:22:ef:80:d3:ff:eb:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jan  3 08:34:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=357dc19c44cad374aa10469a54b1a69444db6f0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:6d:9e:3f:c0:05:b9:73:d0:40:5f:bb:da:4b:
                    48:15:4c:2f:73:e6:d8:73:3c:f8:e1:f2:08:09:e7:
                    e5:51:ab:02:41:19:ce:c8:83:71:5e:85:4d:fb:20:
                    95:73:48:9e:40:47:34:7a:42:6d:87:98:cc:b0:e4:
                    1e:0c:14:4f:27:8a:24:65:c9:ae:8c:ca:41:67:0d:
                    0e:ba:b5:f7:64:2c:3e:8a:b1:33:c4:31:37:88:6b:
                    27:15:31:b3:3e:15:35:b6:5c:99:5d:53:ea:a0:36:
                    39:98:1d:c7:42:4c:68:c3:fb:31:cc:15:a5:e8:34:
                    fd:54:cd:94:cf:34:f4:41:33:4d:20:28:75:35:79:
                    4e:e4:8c:d9:52:77:a4:c4:c2:73:a1:c9:54:51:3b:
                    51:6c:39:7e:17:4e:0f:dd:6b:af:a1:90:db:3d:80:
                    5a:7f:ac:dd:16:5b:7d:e7:75:3f:23:61:61:86:5e:
                    b0:bc:c2:58:89:90:3d:b9:54:6e:88:13:f8:6e:14:
                    3a:43:e7:b0:63:49:2c:f9:0d:8c:dd:e0:02:92:32:
                    67:4a:94:35:e9:2f:40:5a:35:58:62:24:29:1f:77:
                    7f:c7:a4:4e:9e:67:da:a7:4f:76:b2:14:1c:ab:d6:
                    80:ab:d3:95:13:ec:73:89:12:b9:a1:3f:94:fc:95:
                    bf:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:7D:C1:9C:44:CA:D3:74:AA:10:46:9A:54:B1:A6:94:44:DB:6F:0C
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/NX3BnETK03SqEEaaVLGmlETbbww.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.209.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:12:06:fb:bf:52:df:66:7b:8f:c4:ee:ae:6a:ae:03:dc:a4:
         05:e6:76:d3:c1:2f:e3:b8:81:33:76:34:42:2a:fe:b0:6e:25:
         2c:64:88:78:96:99:71:2e:3a:4a:6e:44:56:39:c7:de:71:09:
         b4:7d:ec:91:e5:e9:5a:db:fd:5f:65:82:14:eb:0f:4c:6f:fd:
         89:1a:7f:d6:11:2a:07:2a:1b:6e:0d:3c:ad:8a:40:d4:94:58:
         05:55:d0:d4:51:04:f1:f7:7d:f7:7e:6b:d3:26:6e:7a:89:76:
         77:a7:b1:17:0c:1f:81:2d:e6:ab:5a:6f:49:1c:39:26:85:31:
         4b:e0:0d:22:70:c4:dd:16:5a:31:f7:e5:68:3d:f6:42:c4:57:
         36:b5:1a:47:bd:4f:ee:fe:90:56:a1:d0:7c:d8:f9:6b:80:46:
         d0:15:a7:6d:c1:4c:62:ed:c1:d9:f1:79:2b:54:ab:b5:f8:2f:
         0a:20:88:eb:c3:25:de:3e:e2:e5:ad:de:08:22:4b:08:05:c2:
         ab:5e:f3:4a:63:28:71:dd:11:ac:6c:c0:eb:7a:e3:47:f2:5a:
         96:bd:fb:9e:75:2a:c4:58:ed:1f:7f:65:59:f8:26:32:50:f1:
         dd:eb:5e:71:33:76:67:52:5b:2d:54:0e:6e:aa:e3:d3:2f:44:
         6e:5e:40:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV2xLevN6mi+XEi74DT/+vAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAzMDgzNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdkYzE5YzQ0Y2FkMzc0YWExMDQ2OWE1NGIxYTY5NDQ0ZGI2ZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgG2eP8AFuXPQQF+72ktIFUwvc+bY
czz44fIICeflUasCQRnOyINxXoVN+yCVc0ieQEc0ekJth5jMsOQeDBRPJ4okZcmu
jMpBZw0OurX3ZCw+irEzxDE3iGsnFTGzPhU1tlyZXVPqoDY5mB3HQkxow/sxzBWl
6DT9VM2UzzT0QTNNICh1NXlO5IzZUnekxMJzoclUUTtRbDl+F04P3WuvoZDbPYBa
f6zdFlt953U/I2Fhhl6wvMJYiZA9uVRuiBP4bhQ6Q+ewY0ks+Q2M3eACkjJnSpQ1
6S9AWjVYYiQpH3d/x6ROnmfap092shQcq9aAq9OVE+xziRK5oT+U/JW/mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDV9wZxEytN0qhBGmlSxppRE228MMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTlgzQm5FVEswM1NxRUVhYVZMR21sRVRiYnd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHJMA0G
CSqGSIb3DQEBCwUAA4IBAQCuEgb7v1LfZnuPxO6uaq4D3KQF5nbTwS/juIEzdjRC
Kv6wbiUsZIh4lplxLjpKbkRWOcfecQm0feyR5ela2/1fZYIU6w9Mb/2JGn/WESoH
KhtuDTytikDUlFgFVdDUUQTx9333fmvTJm56iXZ3p7EXDB+BLearWm9JHDkmhTFL
4A0icMTdFlox9+VoPfZCxFc2tRpHvU/u/pBWodB82PlrgEbQFadtwUxi7cHZ8Xkr
VKu1+C8KIIjrwyXePuLlrd4IIksIBcKrXvNKYyhx3RGsbMDreuNH8lqWvfuedSrE
WO0ff2VZ+CYyUPHd615xM3ZnUlstVA5uquPTL0RuXkD/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org